b'           OFFICE OF\n    THE INSPECTOR GENERAL\n\nSOCIAL SECURITY ADMINISTRATION\n\n\n\n  STATE AND LOCAL GOVERNMENTS\xe2\x80\x99\n      COLLECTION AND USE OF\n     SOCIAL SECURITY NUMBERS\n\n  September 2007   A-08-07-17086\n\n\n\n\n AUDIT REPORT\n\x0c                                    Mission\nBy conducting independent and objective audits, evaluations and investigations,\nwe inspire public confidence in the integrity and security of SSA\xe2\x80\x99s programs and\noperations and protect them against fraud, waste and abuse. We provide timely,\nuseful and reliable information and advice to Administration officials, Congress\nand the public.\n\n                                   Authority\nThe Inspector General Act created independent audit and investigative units,\ncalled the Office of Inspector General (OIG). The mission of the OIG, as spelled\nout in the Act, is to:\n\n  \xef\x81\xad Conduct and supervise independent and objective audits and\n    investigations relating to agency programs and operations.\n  \xef\x81\xad Promote economy, effectiveness, and efficiency within the agency.\n  \xef\x81\xad Prevent and detect fraud, waste, and abuse in agency programs and\n    operations.\n  \xef\x81\xad Review and make recommendations regarding existing and proposed\n    legislation and regulations relating to agency programs and operations.\n  \xef\x81\xad Keep the agency head and the Congress fully and currently informed of\n    problems in agency programs and operations.\n\n  To ensure objectivity, the IG Act empowers the IG with:\n\n  \xef\x81\xad Independence to determine what reviews to perform.\n  \xef\x81\xad Access to all information necessary for the reviews.\n  \xef\x81\xad Authority to publish findings and recommendations based on the reviews.\n\n                                     Vision\nWe strive for continual improvement in SSA\xe2\x80\x99s programs, operations and\nmanagement by proactively seeking new ways to prevent and deter fraud, waste\nand abuse. We commit to integrity and excellence by supporting an environment\nthat provides a valuable public service while encouraging employee development\nand retention and fostering diversity and innovation.\n\x0c                                            SOCIAL SECURITY\nMEMORANDUM\n\nDate:      September 10, 2007                                                        Refer To:\n\nTo:        The Commissioner\n\nFrom:      Inspector General\n\nSubject:   State and Local Governments\xe2\x80\x99 Collection and Use of Social Security Numbers\n           (A-08-07-17086)\n\n\n           OBJECTIVE\n\n           Our objective was to assess State and local governments\xe2\x80\x99 collection and use of Social\n           Security numbers (SSNs) and the potential risks associated with current practices.\n\n           BACKGROUND\n\n           State and local governments provide programs and services to millions of individuals\n           each year. To assist in this process, many State and local governments collect and use\n           SSNs for various purposes. Although no single Federal law regulates overall use and\n           disclosure of SSNs, the Social Security Act, the Privacy Act of 1974, and the Family\n           Educational Rights and Privacy Act, contain provisions that govern disclosure and use\n           of SSNs. See Appendix A for more information on the specific provisions of these laws.\n           Additionally, the Office of Management and Budget (OMB) recently issued a\n           memorandum to Federal agencies on safeguarding against and responding to\n                                                                             1\n           breaches of personally identifiable information, including SSNs. Federal agencies are\n           required to reduce the volume of collected and retained personally identifiable\n           information to the minimum necessary, 2 including establishment and implementation of\n           plans to eliminate unnecessary collection and use of SSNs. 3 The OMB guidelines also\n           require Federal agencies to develop and implement an appropriate policy relative to\n           safeguarding personally identifiable information outlining the rules of behavior and\n           identifying consequences and corrective actions available for failure to follow these\n           rules. 4\n\n           1\n             OMB Memorandum M-07-16, Safeguarding Against and Responding to the Breach in Personally\n           Identifiable Information, May 22, 2007.\n           2\n               OMB M-07-16, page 2.\n           3\n               OMB M-07-16, Attachment 1, \xc2\xa7 B.2.a.\n           4\n               OMB M-07-16, Attachment 4 \xc2\xa7 A.\n\x0cPage 2 - The Commissioner\n\n\nWe reviewed relevant laws from all 50 States to (1) discern the purposes for which SSN\ncollection and use is legally mandated, (2) identify measures States have taken to limit\nSSN collection and use and (3) evaluate State laws that govern the protection of SSNs\nfrom improper use and disclosure. Because of the large number of State and local\nentities and associated programs throughout the United States, we focused our review\non the following:\n\n\xe2\x80\xa2   existing State laws as previously described,\n\xe2\x80\xa2\n                                                                                  5\n    State and local governments\xe2\x80\x99 posting of SSNs on Internet websites,\n\xe2\x80\xa2   SSNs used for kindergarten through 12th grade (K-12) school registration and\n    tracking,\n\xe2\x80\xa2   SSNs used in State prescription drug monitoring programs,\n\xe2\x80\xa2   cases in which State and local governments inadvertently and/or improperly\n    disclosed SSNs, and\n\xe2\x80\xa2   measures and/or laws implemented by States or local governments that we believe\n    represent best practices.\n\nSee Appendix B for additional details regarding our scope and methodology.\n\nRESULTS OF REVIEW\nBased on our reviews of selected State and local governments\xe2\x80\x99 policies and practices,\nwe are concerned about the collection, use and protection of SSNs by these entities.\nDespite the increasing threat of identity theft, some State and local governments collect\nand use SSNs for various purposes, even when another identifier would suffice. While\nFederal or State law may require that government agencies collect SSNs in some\ninstances, we believe some do so for convenience. In our opinion, a government entity\nshould not place more value on convenience than on the security of its constituents\xe2\x80\x99\npersonal information. We also believe individuals who provide their SSNs to\ngovernment entities have an expectation that these numbers will be protected from\npublic disclosure. Based on our previous audit and investigative findings, we know\nunnecessary use of SSNs increases the potential for dishonest individuals to\nillegitimately attain these numbers and misuse them, thus creating SSN integrity issues.\nSome State and local governments shared our concern regarding the protection of this\nsensitive personal information\xe2\x80\x94and preventing improper disclosure and identity theft\xe2\x80\x94\nand have taken steps to reduce the collection and use of SSNs.\n\n\n\n\n5\n  We reviewed Internet websites of all State governments. We also selected and reviewed a sample of\nlocal government and K-12 school websites because of the large number of such entities.\n\x0cPage 3 - The Commissioner\n\n\nGiven the Federal government\xe2\x80\x99s increased actions to safeguard SSNs, we believe SSA\nshould seek legislation to limit State and local governments\xe2\x80\x99 collection and use of SSNs\nand improve the protection of this information when obtained. We also believe such\nlegislation should model OMB\xe2\x80\x99s guidance to Federal agencies and include similar\npenalties or \xe2\x80\x9cconsequences\xe2\x80\x9d when State or local governments/employees fail to follow\nthese laws.\n\nSTATE AND LOCAL GOVERNMENTS\xe2\x80\x99 COLLECTION AND USE OF SSNs\n\nState and local governments collect and use SSNs for a variety of purposes. We\nidentified instances in which they posted public documents that contained SSNs on the\nInternet, used SSNs for school registration and student tracking, and collected SSNs to\n                                      6\nmonitor prescription drug programs. In addition, the Government Accountability Office\n(GAO) reported that State and local government agencies frequently collect and use\nSSNs to administer their programs, verify applicants\xe2\x80\x99 eligibility for services and benefits,\nand perform research and evaluations. Although GAO found that some government\nagencies had taken steps to limit the use and display of SSNs, the numbers were still\navailable in a variety of public records held by States, local jurisdictions, and courts. 7\n\nSSNs Posted on the Internet\n\nSome State and county governments post Uniform Commercial Code (UCC) filings,\nproperty tax assessor files, motor vehicle records, registered voter files, and court filings\nthat contain SSNs on the Internet. State and local governments routinely make\ndocuments available to the public and allow individuals to make copies at courthouses\nand county offices. To reduce the time employees spend pulling and copying\ndocuments for the public, some States and counties post public documents on the\nInternet. Unfortunately, some of these documents include individuals\xe2\x80\x99 SSNs that may\nbe viewed by individuals who do not have a need to know this information.\n\nDuring our audit period, 11 States were posting copies of UCC filings that included\nindividuals\xe2\x80\x99 SSNs on the Internet. However, we are encouraged to report that, by the\ncompletion of our audit work, eight of these States had discontinued this practice.\nSome of these States redacted the SSNs from the on-line documents, and others no\nlonger allowed users to obtain the documents on-line. Unfortunately, at the time of this\nreport, three States still had copies of UCC filings that included individuals\xe2\x80\x99 SSNs on the\nInternet. 8 Displaying such information on the Internet allows countless individuals to\n\n6\n We do not intend to imply that these are the only ways in which State and local governments collect and\nuse SSNs.\n7\n Social Security Numbers: Federal and State Laws Restrict Use of SSNs, yet Gaps Remain\n(GAO-05-1016T, September, 2005).\n8\n  Maryland, Ohio and Rhode Island. In response to our draft report, the Ohio Secretary of State sent us a\nletter stating that her office has taken the necessary steps to assure the redaction of SSNs for current\nonline UCC filings. In June 2007, the new administration implemented a project that will ensure the\nredaction of SSNs for archived, online UCC filings by September 30, 2007.\n\x0cPage 4 - The Commissioner\n\n\nview others\xe2\x80\x99 SSNs, unnecessarily subjecting them to the possibility of identity theft. As\nsuch, we encourage State and local governments not to place SSNs on public\ndocuments that may be seen by others or post such documents on the Internet.\nAdditionally, we encourage these government entities to examine their collection of\nSSNs and, if possible, use an alternative identifier.\n\nSSNs Used for School Registration and Student Tracking\n\nSome K-12 schools require students\xe2\x80\x99 SSNs for school registration and use SSNs to\ntrack students throughout their school years. For example, we identified laws in\n             9\nthree States that required that schools obtain students\xe2\x80\x99 SSNs. Additionally, schools in\n40 other States 10 collected students\xe2\x80\x99 SSNs at registration, even though no State law\nrequired that they do so. Schools often use SSNs as primary student identifiers to help\nin record keeping and to identify students when they transfer to another school or apply\nfor college. The No Child Left Behind Act of 2001 11 requires that each State implement\na Statewide accountability program that measures the progress of students and schools\nthrough the collection and analysis of data. However, this law does not require that\nStates use SSNs to identify and track students. Rather, we believe some K-12 schools\nuse SSNs as a matter of convenience. The number is unique and, in many cases, is\nalready established to help schools track students throughout their school careers.\n\nFor the 2004/2005 school year, the National Education Association estimated that there\nwere more than 48 million K-12 students in over 15,000 school districts across the\n         12\ncountry. We believe the collection and use of SSNs without proper controls is a\nsignificant vulnerability for this young population. Recent data indicate the number of\nchildren under age 18 whose identities have been stolen is growing. 13 This is\nparticularly troubling given that some of these individuals may not become aware of\nsuch activity until they apply for a credit card or student loan.\n\n\n\n\n9\n    Alabama, Georgia, and Tennessee.\n10\n  Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Hawaii, Idaho, Illinois,\nIndiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, Massachusetts, Michigan, Minnesota, Mississippi,\nMissouri, Montana, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio,\nOregon, Pennsylvania, South Carolina, South Dakota, Texas, Utah, Virginia, Washington, Wisconsin, and\nWyoming.\n11\n     Pub. L. No. 107-110 \xc2\xa7 1111(b)(3).\n12\n     Ranking and Estimates, June 2005. National Education Association.\n13\n  According to the Federal Trade Commission, identity theft complaints from individuals under age\n18 increased from 3 percent of all identity theft complaints it received in 2003 to 5 percent in 2005.\nNational and States Trends in Fraud and Identity Theft: January \xe2\x80\x93 December 2003, January 2004.\nFederal Trade Commission. Identity Theft Victim Complaint Data: January 1 \xe2\x80\x93 December 31, 2005,\nJanuary 2006. Federal Trade Commission.\n\x0cPage 5 - The Commissioner\n\n\nIn previous audits, 14 we assessed universities\xe2\x80\x99 use of SSNs as student identifiers and\nidentified instances in which universities used SSNs as the primary student identifier or\nfor other purposes. Numerous incidences of identity theft at colleges and universities\nand the recognition that SSNs are linked to vast amounts of personal information led\nsome schools to reconsider the practice of using SSNs as primary student identifiers.\nSeveral schools took steps to reduce their reliance on SSNs or turned to alternative\nidentifiers. In addition, some States enacted laws to regulate college and university use\nof SSNs. We are encouraged by these efforts and suggest that State and local\ngovernments consider affording these same protections to their youngest constituents \xe2\x80\x93\nthose in K-12 schools.\n\nSSNs Used to Monitor State Program\n\nSome State and local governments collect and use SSNs to administer various\nprograms and services. For example, we identified prescription drug monitoring\nprograms in some States, which track individuals who obtain controlled substance\nprescriptions. As part of these programs, some States require that individuals who\npresent a prescription for a controlled substance provide a unique identifying number,\nsuch as a driver\xe2\x80\x99s license, passport, or SSN. Kentucky policy mandates that this\nidentifier be the individual\xe2\x80\x99s SSN. However, Alabama, Hawaii, Massachusetts and\nIndiana give individuals an option of providing an SSN or other unique number. While\nthese programs aid law enforcement in obtaining information against suspected\ncriminals, we believe States could rely on other unique identifying documents, such as\na driver\xe2\x80\x99s license (which includes a photograph) to track individuals. We encourage\nStates to use a substitute for the SSN if a personal identifier is needed to track\nindividuals in a State program.\n\nPOTENTIAL RISKS ASSOCIATED WITH COLLECTING AND USING SSNs\n\nEach time an individual divulges his or her SSN, the potential for a thief to illegitimately\ngain access to bank accounts, credit cards, driving records, tax and employment\nhistories and other private information increases. We believe the following examples\nillustrate individuals\xe2\x80\x99 risk of exposure to such activity.\n\n\xe2\x80\xa2    The Mississippi Secretary of State\xe2\x80\x99s Internet website posted over 2 million\n     documents containing thousands of individuals\xe2\x80\x99 SSNs. State officials removed the\n     link to the documents after a privacy activist filed a complaint.\n\n\xe2\x80\xa2    An Ohio county\xe2\x80\x99s website contained public documents, including traffic tickets, that\n     contained individuals\xe2\x80\x99 SSNs and other personal information. Individuals involved in\n     an identity theft ring were arrested in March 2006 for allegedly stealing nearly\n     $500,000 with the aid of the county\xe2\x80\x99s website.\n\n\n\n14\n Universities\' Use of Social Security Numbers as Student Identifiers in Regions IV and X,\nDecember 2004 and March 2005.\n\x0cPage 6 - The Commissioner\n\n\n\xe2\x80\xa2    A high school in Illinois mistakenly posted SSNs and other personal information of\n     over 2,000 students on the school\xe2\x80\x99s website.\n\n\xe2\x80\xa2    A high school in Michigan had a hard drive stolen that contained SSNs, transcripts,\n     test scores, and addresses of students who graduated from the high school\n     between 1994 and 2007. It is unclear how many students this may have impacted.\n\n\xe2\x80\xa2    A California county department of public social services disposed of documents that\n     contained names, addresses, telephone numbers, SSNs, and medical information\n     of an estimated 94,000 people who received services from the office over 3 years.\n     Those documents were disposed of next to a public recycling bin.\n\nSOME STATE AND LOCAL GOVERNMENTS HAVE TAKEN STEPS TO LIMIT SSN\nCOLLECTION AND USE\n\nThe increase in identity theft and the recognition that SSNs are linked to vast amounts\nof personal information have led some State and local governments to limit SSN\n                   15\ncollection and use. We identified 11 States that have taken steps to remove SSNs\nfrom public documents 16 and 24 States that have passed laws to protect individuals\xe2\x80\x99\nSSNs from being on public documents. 17 In addition, we identified 15 States that have\npassed laws to restrict companies and individuals from posting or publicly displaying\n       18\nSSNs, printing them on cards, transmitting them over the Internet, and mailing them\nwithout safety measures. The following examples illustrate these steps.\n\n\xe2\x80\xa2    New Jersey prohibits individuals\xe2\x80\x99 SSNs on documents intended for public recording.\n     County recording offices have the authority to remove SSNs from documents.\n\n\xe2\x80\xa2    California allows individuals to redact SSNs from pleadings, attachments,\n     documents, or other written material filed with a court. Individuals are responsible\n     for requesting the court to remove their SSN from a public document.\n\n\n\n15\n   We do not intend to suggest that the States discussed below are the only States that have taken steps\nto limit SSN collection and use.\n16\n  Alabama, California, Georgia, Indiana, Kansas, Nevada, New Jersey, New York, North Carolina, Ohio,\nand Tennessee have laws to remove SSNs from public documents if not required by Federal law.\n17\n  The following States have laws to protect individuals\xe2\x80\x99 SSNs from being on public documents: Alabama,\nCalifornia, Georgia, Indiana, Iowa, Kansas, Louisiana, Maine, Minnesota, Nevada, New Hampshire, New\nJersey, North Carolina, Ohio, Oregon, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas,\nUtah, Vermont, West Virginia, and Wisconsin.\n18\n  The law only applies to individuals in Illinois, Maryland, Michigan, and Virginia. The law applies to both\nindividuals and entities in Arizona, Arkansas, California, and Colorado. The law only applies to entities in\nConnecticut, Minnesota and Missouri. The law only applies to businesses in New Mexico and Vermont\nand only to employing entities in Oklahoma. In Texas, the law applies to individuals other than\ngovernment or a government subdivision or agency.\n\x0cPage 7 - The Commissioner\n\n\n\xe2\x80\xa2     North Carolina prohibits government agencies and their representatives from\n      collecting SSNs from individuals unless it is authorized by law or imperative for the\n      performance of that agency\xe2\x80\x99s duties, as prescribed by law. Government agencies\n      and their representatives are prohibited from intentionally communicating SSNs to\n      the general public, printing SSNs on cards, or printing them on any material mailed\n      to the individual unless required by Federal or State law. This law also applies to\n      businesses.\n\n\xe2\x80\xa2     South Carolina prohibits SSNs that are provided in voter registration applications\n      from being disclosed to the public.\n\n\xe2\x80\xa2     Alabama requires that State agencies remove SSNs before making documents\n      public, unless the document is a lien, conviction record, or bankruptcy filing.\n\nIn February 2007, the Maricopa County Recorder\xe2\x80\x99s Office in Phoenix, Arizona, began\n                                                                                   19\nredacting SSNs from 83 million public documents it had posted on the Internet.\nCounty officials told us they undertook this $4.5-million project in response to identity\n                 20\ntheft concerns, constituent complaints about the on-line SSN postings, and the desire\nto take a proactive approach in addressing this issue. 21 The recorder\xe2\x80\x99s office hired a\ncontractor to perform the SSN redaction project because officials believed the\n                                                                               22\nincreased workload would require too much additional work for office staff. The\ncounty selected a contractor who could manually review each document to ensure all\nSSNs were removed. In fact, the county specified that each document be manually\nreviewed by two individuals to ensure a 99.95 percent accuracy rate. When the\ncontractor completes the SSN redaction project in July 2007, the county plans to\npurchase redaction software so it can conduct its own process in the future. Under a\nnew Arizona law, individuals who file documents with the county must remove SSNs\nunless Federal law requires that the number be on the document. However, county\nofficials told us they still plan to use redaction software to ensure they do not post SSNs\non the Internet in the future. While this was an expensive undertaking for Maricopa\nCounty, we applaud its actions to better secure its constituents\xe2\x80\x99 personal data.\n\nWe also identified instances in which K-12 schools have reduced their reliance on\nSSNs or turned to alternative identifiers. For example, in 2005, Arkansas passed The\nStudent Identity Protection Act, 23 which prohibits schools from using, displaying,\n19\n   The county recorder\xe2\x80\x99s office began posting public records on the Internet in 1997 and included records\nfrom 1991 forward. County officials estimated that about 6 percent of the documents contained SSNs.\n20\n  In 2005, the Phoenix metropolitan area had the highest rate of identity theft in the nation according to\nthe Federal Trade Commission.\n21\n  County officials told us they funded the SSN redaction project with fees the recorder\xe2\x80\x99s office received for\neach recorded document. According to county officials, the recorder\xe2\x80\x99s office did not use any of the\ncounty\xe2\x80\x99s general funds to pay for the SSN redaction project.\n\n22\n     County officials told us the recorder\xe2\x80\x99s office receives about 6,500 documents daily.\n23\n     Ark. Stat. Ann. \xc2\xa7 6-18-208(d).\n\x0cPage 8 - The Commissioner\n\n\nreleasing, or printing a student\xe2\x80\x99s SSN or any part of the SSN on any report,\nidentification card or badge, or on any document that will be made available or released\nto the public, to a student, or to a student\xe2\x80\x99s parent or guardian without express written\nconsent except if the records are transferred to or between the Arkansas Department of\nEducation, other public schools or school districts, or other government agencies as\nallowed or required by Federal law, State law, or State Board of Education rule. The\nPennsylvania Department of Education recently decided to forbid school districts from\nrequiring that students show SSNs to register. Instead, the Pennsylvania Department\nof Education plans to start tracking students with an assigned unique identification\nnumber to help guard against identity theft. The Alaska Department of Education and\nEarly Development attempted and failed to use students\xe2\x80\x99 SSNs as their primary student\nidentifier. The schools received approximately 60 percent of students\xe2\x80\x99 SSNs because\nmany parents refused to provide the numbers. As a result, the Alaska Department of\nEducation decided to begin assigning a 10-digit number to each K-12 child in the public\nschools.\n\nCONCLUSION AND RECOMMENDATIONS\n\nDespite the potential risks associated with collecting and using SSNs, many State and\nlocal governments continue this practice. While we recognize SSA cannot prohibit\nState and local governments from using SSNs, we believe SSA should seek legislation\nthat would limit State and local governments\xe2\x80\x99 collection and use of SSNs and improve\nprotection of this information when it is obtained. We recognize that such legislation\ncould be inconvenient for States and local governments and may initially result in a cost\ninvestment when converting current programs that use the SSN. However, given the\npotential threats to SSN integrity, such a challenge should not discourage SSA from\nseeking these measures, which will better safeguard the sensitive and personal\ninformation of numberholders.\n\nAccordingly, we recommend that SSA:\n\n1. Seek legislation to limit State and local governments\xe2\x80\x99 collection and use of SSNs\n   and improve the protection of this information when obtained. We believe such\n   legislation should model OMB\xe2\x80\x99s guidance to Federal agencies and include similar\n   penalties or \xe2\x80\x9cconsequences\xe2\x80\x9d when State or local governments fail to follow these\n   laws.\n\n2. Coordinate with State and local governments (for example, through national and\n   regional governmental associations) to educate them about the potential risks\n   associated with collecting and improperly disclosing SSNs.\n\n3. Promote the best practices of State and local governments that have taken steps to\n   limit SSN collection and use.\n\x0cPage 9 - The Commissioner\n\n\nAGENCY COMMENTS AND OIG RESPONSE\nSSA agreed with Recommendations 2 and 3. Although SSA disagreed with\nRecommendation 1, it agreed in principle with similar legislation currently under\nconsideration by Congress. 24 We are pleased that SSA is supportive of legislation to\nlimit State and local governments\xe2\x80\x99 collection and use of SSNs and improve the\nprotection of this information when obtained. We concur that seeking additional or\nseparate legislation would not be necessary if H.R. 3046 becomes law.\n\nSSA also provided technical comments that we considered and incorporated, where\nappropriate. SSA\xe2\x80\x99s comments are included in Appendix C.\n\n\n\n\n                                                         Patrick P. O\xe2\x80\x99Carroll, Jr.\n\n\n\n\n24\n  On July 18, 2007, the House Committee on Ways and Means voted to approve the Social Security\nNumber Privacy and Identity Theft Prevention Act of 2007 (H.R. 3046), a bill to amend the Social Security\nAct to prevent Federal, State and local governments from displaying SSNs to the public, showing the\nnumbers on identification tags and cards and, in most cases, selling the numbers.\n\x0c                                      Appendices\nAPPENDIX A \xe2\x80\x93 Federal Laws that Govern Disclosure and Use of the Social Security\n             Number\nAPPENDIX B \xe2\x80\x93 Scope and Methodology\nAPPENDIX C \xe2\x80\x93 Agency Comments\nAPPENDIX D \xe2\x80\x93 OIG Contacts and Staff Acknowledgments\n\x0c                                                                                     Appendix A\n\nFederal Laws that Govern Disclosure and Use\nof the Social Security Number\nThe following Federal laws establish a general framework for disclosing and using the\nSocial Security number (SSN).\n\nThe Privacy Act of 1974 (the \xe2\x80\x9cPrivacy Act\xe2\x80\x9d) 1\n\nThe Privacy Act indicates, in part, that it is unlawful for any Federal, State, or local\ngovernment agency to deny any individual any right, benefit, or privilege provided by\nlaw because of such individual\xe2\x80\x99s refusal to disclose his or her SSN, unless the\ndisclosure is required by Federal statute or is to any Federal, State or local agency\nmaintaining a system of records in existence and operating before January 1, 1975,\nsuch disclosure was required under statute or regulation adopted prior to such date to\n                                     2                                                 3\nverify the identity of an individual. Further, under Section 7(b) of the Privacy Act, any\nFederal, State, or local government agency requesting that an individual disclose\nhis/her SSN must inform the individual whether the disclosure is voluntary or\nmandatory, by what statutory or other authority the SSN is solicited and what uses will\nbe made of the SSN.\n                                                              4\nThe Family Educational Rights and Privacy Act\n\nThe Family Educational Rights and Privacy Act (FERPA) protects the privacy of student\neducation records. FERPA applies to those schools that receive funds under an\n                                                           5\napplicable program of the U.S. Department of Education. Under FERPA, an\neducational institution must have written permission from the parent or eligible student\nto release any personally identifiable information (which includes SSNs) from a\nstudent\xe2\x80\x99s education record. 6 FERPA does, however, provide certain exceptions in\n\n\n1\n    Pub. L. No. 93-579, 5 U.S.C. 552a.\n2\n    Pub. L. No. 93-579 \xc2\xa7 7(a), 5 U.S.C. 552a, note 7.\n3\n    Pub. L. No. 93-579 \xc2\xa7 7(b), 5 U.S.C. 552a, note 7.\n4\n    20 U.S.C. \xc2\xa7 1232g.\n5\n    34 C.F.R. Part 99, Subpart A, \xc2\xa7 99.1.\n6\n  20 U.S.C. \xc2\xa7 1232g(b).FERPA gives parents certain rights with respect to their children\xe2\x80\x99s education\nrecords. 34 C.F.R. Part 99 Subpart B \xc2\xa7 99.10(a). These rights transfer to the child when the child\nreaches the age of 18 or attends an institution of postsecondary education. 20 U.S.C. \xc2\xa7 1232g(d).\nChildren that have been transferred rights are referred to as \xe2\x80\x9celigible students\xe2\x80\x9d. 34 C.F.R. Part 99,\nSubpart A \xc2\xa7 99.5(a).\n\n\n                                                        A-1\n\x0cwhich a school is allowed to disclose records without consent. 7 These exceptions\ninclude disclosure without consent to other school officials who have a legitimate\neducational interest in the information, to officials of institutions where the student is\nseeking to enroll/transfer, to parties to whom the student is applying for financial aid, to\nthe parent of a dependent student, to appropriate parties in compliance with a judicial\norder or lawfully issued subpoena, or to health care providers in the event of a health or\nsafety emergency. 8\n\nThe Social Security Act\n\nThe Social Security Act provides, in part, that \xe2\x80\x9cSocial security account numbers and\nrelated records that are obtained or maintained by authorized persons pursuant to any\nprovision of law, enacted on or after October 1, 1990, shall be confidential, and no\nauthorized person shall disclose any such social security account number or related\nrecord\xe2\x80\x9d. 9 The Social Security Act also provides, in part, that \xe2\x80\x9c[w]hoever discloses, uses,\nor compels the disclosure of the social security number of any person in violation of the\n                                                         10\nlaws of the United States; shall be guilty of a felony\xe2\x80\xa6\xe2\x80\x9d. The Social Security Act\nauthorizes certain State and local agencies to use the SSN for certain purposes and\nallows, or in certain instances requires, such agencies to require individuals to furnish\ntheir SSNs for such purposes. 11\n\n\n\n\n7\n    20 U.S.C. \xc2\xa7 1232g(b)(1).\n8\n    20 U.S.C. \xc2\xa7 1232g(b)(1).\n9\n    42 U.S.C. \xc2\xa7 405(c)(2)(C)(viii).\n10\n     42 U.S.C. \xc2\xa7 408(a)(8).\n11\n     42 U.S.C. \xc2\xa7 405(c)(2)(C)(i), (ii), (v), (vi), (D) and (E).\n\n\n                                                           A-2\n\x0c                                                                                Appendix B\n\nScope and Methodology\nTo accomplish our objective, we reviewed relevant laws from all 50 States to (1) discern\nthe purposes for which Social Security number (SSN) collection and use is legally\nmandated, (2) identify measures States have taken to limit SSN collection and use and\n(3) evaluate State laws that govern the protection of SSNs from improper use and\ndisclosure. Because there are such a large number of State and local entities and\nassociated programs throughout the United States, we focused our review on the\nfollowing:\n\n\xe2\x80\xa2   existing State laws as previously described;\n\xe2\x80\xa2   State and local governments\xe2\x80\x99 posting of SSNs on Internet websites; 1\n\xe2\x80\xa2   SSNs used for kindergarten through 12th grade (K-12) school registration and\n    tracking;\n\xe2\x80\xa2   SSNs used in State prescription drug monitoring programs;\n\xe2\x80\xa2   cases in which State and local governments inadvertently and/or improperly\n    disclosed SSNs;\n\xe2\x80\xa2   measures and/or laws implemented by States or local governments that we believe\n    represent best practices;\n\xe2\x80\xa2   interviewed selected county officials responsible for redacting SSNs from the\n    Internet; and\n\xe2\x80\xa2   reviewed selected studies, articles, and reports regarding State and local\n    governments\xe2\x80\x99 collection and use of SSNs.\n\nWe visited one county recorder\xe2\x80\x99s office and interviewed officials to learn more about\ntheir SSN redaction project. In addition, we identified State and local governments,\nincluding K-12 schools, that have limited their use of SSNs and determined the reasons\nfor this changes and best practices that could be adopted by other State and local\ngovernments. Our review of internal controls was limited to gaining an understanding of\nthe use of SSNs by State and local governments. The Social Security Administration\nentity reviewed was the Office of the Deputy Commissioner for Operations. We\nconducted our audit from October 2006 through April 2007 in accordance with generally\naccepted government auditing standards.\n\n\n\n\n1\n  We reviewed Internet websites of all State governments. We also selected and reviewed a sample of\n                                               th\nlocal government and kindergarten through 12 grade school websites because of the large number of\nsuch entities.\n\x0c                  Appendix C\n\nAgency Comments\n\x0c                                          SOCIAL SECURITY\n\n\nMEMORANDUM\n\n\nDate:        August 23, 2007 Refer                                               Refer To: S1J-3\n\nTo:          Patrick P. O\'Carroll, Jr.\n             Inspector General\n\nFrom:        David V. Foster        /s/\n             Chief of Staff\n\nSubject:     Office of the Inspector General (OIG) Draft Report, \xe2\x80\x9cState and Local Governments\' Collection\n             and Use of Social Security Numbers" (A-08-07-17086)--INFORMATION\n\n\n           We appreciate OIG\xe2\x80\x99s efforts in conducting this review. Our response to the reports findings and\n           recommendations are attached.\n\n           Please let me know if we can be of further assistance. Staff inquiries may be directed to\n           Ms. Candace Skurnik, Director, Audit Management and Liaison Staff, at extension 54636.\n\n           Attachment\n\n\n\n\n                                                         C-1\n\x0cCOMMENTS ON THE OFFICE OF THE INSPECTOR GENERAL (OIG) DRAFT\nREPORT, \xe2\x80\x9cSTATE AND LOCAL GOVERNMENTS\xe2\x80\x99 COLLECTION AND USE OF\nSOCIAL SECURITY NUMBERS\xe2\x80\x9d (A-08-07-17086)\n\n\nThank you for the opportunity to review and comment on the draft report. As the issuer of Social\nSecurity numbers (SSN), we have been an active participant and are continuously working with\nFederal agencies to address issues surrounding Personally Identifiable Information (PII) breaches.\nWe serve as a member of the President\xe2\x80\x99s Interagency Identity Theft Task Force whose mission is\nto strengthen Federal efforts to protect against the unlawful use of another person\xe2\x80\x99s identifying\ninformation. As part of those efforts, we are already in the process of assessing the public and\nprivate sector uses of SSNs to identify actions that will strengthen the Federal government\xe2\x80\x99s\nefforts in the fight against identity theft. We are committed to helping States reduce unnecessary\ncollection of SSNs and to improve protections and safeguards. We believe the actions planned,\nor taken, as described in our responses to the specific recommendations below, help achieve\nthose goals. We are also providing some technical comments to enhance the accuracy of the\nreport.\nRecommendation 1\n\nThe Social Security Administration (SSA) should seek legislation to limit State and local\ngovernments\xe2\x80\x99 collection and use of SSNs and improve the protection of this information when\nobtained. We believe such legislation should model the Office of Management and Budget\xe2\x80\x99s\nguidance to Federal agencies and include similar penalties or \xe2\x80\x9cconsequences\xe2\x80\x9d when State or local\ngovernments fail to follow these laws.\n\nResponse\n\nWe disagree. The legislation that OIG is recommending is the subject of wider legislation\ncurrently under consideration by Congress. On July 18, 2007, the House Committee on Ways\nand Means voted 41-0 to approve H.R. 3046, a bill to amend the Social Security Act to prevent\nFederal, State and local governments from displaying SSNs to the public, showing the numbers\non identification tags and cards and, in most cases, selling the numbers. We believe the bill\naddresses this recommendation and provides for penalties or \xe2\x80\x98consequences\xe2\x80\x99 when State or local\ngovernments fail to follow these laws. Seeking additional or separate legislation is not\nappropriate and could be counterproductive.\n\nRecommendation 2\n\nSSA should coordinate with State and local governments (for example, through national and\nregional governmental associations) to educate them about the potential risks associated with\ncollecting and improperly disclosing SSNs.\n\n\n\n\n                                               C-2\n\x0cResponse\n\nWe agree. We believe more can be done to alert State and local governments to the risks of\nusing and/or displaying SSNs on documents that are used as identifiers of the public. We\n(through our Office of External Affairs) will continue to use our contacts with national\norganizations to alert the staffs of these organizations to the risks of including SSNs on public\ndocuments and will request their help in reducing instances where SSNs are printed or displayed\non computer terminals. We will also continue to make the public aware, through SSA public\ninformation materials and news articles placed in local print media, of the problems associated\nwith the misuse and over utilization of SSNs.\nRecommendation 3\n\nSSA should promote the best practices of State and local governments that have taken steps to\nlimit SSN collection and use.\n\nResponse\nWe agree. As part of our efforts described for recommendation number 2, we will identify and\npromote the best practices used by those public entities that find ways to limit the use of SSNs in\nconducting their routine business with the public.\n\n\n\n\n                                                C-3\n\x0c                                                                      Appendix D\n\nOIG Contacts and Staff Acknowledgments\nOIG Contacts\n\n   Kimberly Byrd, Director, Southern Audit Division, (205) 801-1650\n\n   Jeff Pounds, Audit Manager, (205) 801-1606\n\nAcknowledgments\n\nIn addition to those named above:\n\n   Hollie Reeves, Auditor\n\n   Neha Smith, Senior Auditor\n\nFor additional copies of this report, please visit our web site at\nwww.socialsecurity.gov/oig or contact the Office of the Inspector General\xe2\x80\x99s Public\nAffairs Specialist at (410) 965-3218. Refer to Common Identification Number\nA-08-07-17086.\n\x0c                           DISTRIBUTION SCHEDULE\n\nCommissioner of Social Security\nOffice of Management and Budget, Income Maintenance Branch\nChairman and Ranking Member, Committee on Ways and Means\nChief of Staff, Committee on Ways and Means\nChairman and Ranking Minority Member, Subcommittee on Social Security\nMajority and Minority Staff Director, Subcommittee on Social Security\nChairman and Ranking Minority Member, Subcommittee on Human Resources\nChairman and Ranking Minority Member, Committee on Budget, House of\nRepresentatives\nChairman and Ranking Minority Member, Committee on Government Reform and\nOversight\nChairman and Ranking Minority Member, Committee on Governmental Affairs\nChairman and Ranking Minority Member, Committee on Appropriations, House of\nRepresentatives\nChairman and Ranking Minority, Subcommittee on Labor, Health and Human Services,\nEducation and Related Agencies, Committee on Appropriations,\n House of Representatives\nChairman and Ranking Minority Member, Committee on Appropriations, U.S. Senate\nChairman and Ranking Minority Member, Subcommittee on Labor, Health and Human\nServices, Education and Related Agencies, Committee on Appropriations, U.S. Senate\nChairman and Ranking Minority Member, Committee on Finance\nChairman and Ranking Minority Member, Subcommittee on Social Security and Family\nPolicy\nChairman and Ranking Minority Member, Senate Special Committee on Aging\nSocial Security Advisory Board\n\x0c               Overview of the Office of the Inspector General\nThe Office of the Inspector General (OIG) is comprised of our Office of Investigations (OI),\nOffice of Audit (OA), Office of the Chief Counsel to the Inspector General (OCCIG), and Office\nof Resource Management (ORM). To ensure compliance with policies and procedures, internal\ncontrols, and professional standards, we also have a comprehensive Professional Responsibility\nand Quality Assurance program.\n                                         Office of Audit\nOA conducts and/or supervises financial and performance audits of the Social Security\nAdministration\xe2\x80\x99s (SSA) programs and operations and makes recommendations to ensure program\nobjectives are achieved effectively and efficiently. Financial audits assess whether SSA\xe2\x80\x99s\nfinancial statements fairly present SSA\xe2\x80\x99s financial position, results of operations, and cash flow.\nPerformance audits review the economy, efficiency, and effectiveness of SSA\xe2\x80\x99s programs and\noperations. OA also conducts short-term management and program evaluations and projects on\nissues of concern to SSA, Congress, and the general public.\n\n\n                                    Office of Investigations\nOI conducts and coordinates investigative activity related to fraud, waste, abuse, and\nmismanagement in SSA programs and operations. This includes wrongdoing by applicants,\nbeneficiaries, contractors, third parties, or SSA employees performing their official duties. This\noffice serves as OIG liaison to the Department of Justice on all matters relating to the\ninvestigations of SSA programs and personnel. OI also conducts joint investigations with other\nFederal, State, and local law enforcement agencies.\n\n\n                   Office of the Chief Counsel to the Inspector General\nOCCIG provides independent legal advice and counsel to the IG on various matters, including\nstatutes, regulations, legislation, and policy directives. OCCIG also advises the IG on\ninvestigative procedures and techniques, as well as on legal implications and conclusions to be\ndrawn from audit and investigative material. Finally, OCCIG administers the Civil Monetary\nPenalty program.\n                              Office of Resource Management\nORM supports OIG by providing information resource management and systems security. ORM\nalso coordinates OIG\xe2\x80\x99s budget, procurement, telecommunications, facilities, and human\nresources. In addition, ORM is the focal point for OIG\xe2\x80\x99s strategic planning function and the\ndevelopment and implementation of performance measures required by the Government\nPerformance and Results Act of 1993.\n\x0c'